Mercurial > p > roundup > code
diff doc/upgrading.txt @ 4312:594eee0d43fc
fixes
| author | Richard Jones <richard@users.sourceforge.net> |
|---|---|
| date | Wed, 23 Dec 2009 00:34:39 +0000 |
| parents | 8e0d350ce644 |
| children | 05d3f47003fc |
line wrap: on
line diff
--- a/doc/upgrading.txt Mon Dec 21 21:03:24 2009 +0000 +++ b/doc/upgrading.txt Wed Dec 23 00:34:39 2009 +0000 @@ -25,8 +25,8 @@ Migrating from 1.4.x to 1.4.11 ============================== -Close poential security hole ----------------------------- +Close potential security hole +----------------------------- If your tracker has untrusted users you should examine its ``schema.py`` file and look for the section granting the "Edit" permission to your users. @@ -54,10 +54,10 @@ anonymous users to register. This means you will need to add the following to your tracker's ``schema.py`` to add the permission and assign it to the Anonymous role (replacing any previously assigned -"Create user" permission for the Anonymous role): +"Create user" permission for the Anonymous role):: +db.security.addPermission(name='Register', klass='user', - + description='User is allowed to register new user') + + description='User is allowed to register new user') # Assign the appropriate permissions to the anonymous user's Anonymous # Role. Choices here are: